Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          DJnBO7DzmGpSZ6WvVvehwLryk4rJ3PZTqxe9+87oOaM=
Subject key identifier:   A2:99:E6:5A:46:67:80:A2:9F:85:AA:8E:1C:41:11:AE:5C:8D:7C:BF
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019D9961EBEBADDC213707EF7EF86B0C2831
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          160C
Signing time:             Fri 17 Apr 2026 03:00:24 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:24 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:24 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: CVzGWxEjgHVlqASJKELE4YCkZaAIjSa5ewcT2vWHJm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:61:eb:eb:ad:dc:21:37:07:ef:7e:f8:6b:0c:28:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Apr 17 03:00:24 2026 GMT
            Not After : Apr 18 03:00:24 2026 GMT
        Subject: CN=a299e65a466780a29f85aa8e1c4111ae5c8d7cbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:28:ca:b4:f4:5e:e1:d9:50:70:ca:22:94:18:
                    e8:e8:2e:0e:88:0a:85:bc:40:a0:9e:4b:e3:42:90:
                    6a:91:8c:b2:91:c1:62:d0:3d:3c:48:ac:c1:c9:3e:
                    a1:21:00:bd:89:c0:af:ac:56:f0:5e:b5:7c:a6:2d:
                    69:de:0a:7b:fb:38:fe:0c:d4:40:58:ec:96:5d:2a:
                    a3:d8:e2:b1:62:c2:19:15:40:66:71:ad:46:e8:f2:
                    36:e4:8f:ef:27:c7:77:93:2b:88:80:33:2c:99:3c:
                    07:45:09:0b:10:84:15:5f:81:a8:14:e3:a5:d1:e1:
                    ee:c0:35:78:4c:a7:0a:59:ab:7b:0e:35:21:1c:a0:
                    c7:2d:6a:e5:c6:a8:37:49:17:53:69:2b:4f:ca:7b:
                    fd:26:d3:b3:a5:cc:51:62:24:4a:93:01:df:30:f5:
                    ef:10:6a:03:a4:43:f7:ec:5b:3a:f4:3d:33:11:cd:
                    b7:35:be:9e:14:f9:d5:85:cb:35:05:33:e3:83:6f:
                    02:f0:c4:5b:bc:c9:46:56:58:a0:31:47:ad:0d:0d:
                    dc:79:ad:f9:bf:9e:a2:f8:1d:49:de:34:19:40:52:
                    a2:3c:07:64:42:47:ce:c9:e0:98:b8:e8:2e:b0:37:
                    21:29:4b:7f:59:e2:17:23:dc:74:ed:d2:14:c7:f5:
                    94:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:99:E6:5A:46:67:80:A2:9F:85:AA:8E:1C:41:11:AE:5C:8D:7C:BF
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:2e:22:9d:b1:c1:fe:7c:46:bf:11:aa:9f:99:28:fd:55:d6:
         55:c1:df:94:b5:71:35:87:7f:b2:8d:5b:db:29:55:75:6e:0a:
         c0:5f:5b:90:fe:41:2f:9d:f2:c7:c3:b2:7b:44:13:9a:e6:da:
         e8:de:a9:2f:67:e8:1c:7f:05:93:dc:05:e6:70:32:8a:65:8b:
         6f:72:54:36:53:74:9f:9f:68:c6:7a:ca:8e:ee:fe:d7:df:b8:
         2d:75:9c:73:d3:db:7c:20:0b:4f:2c:50:08:6d:10:49:4d:3d:
         2c:44:2d:69:57:a0:1c:f2:2d:cf:55:d5:98:56:6c:0b:32:79:
         69:a9:c6:0b:c0:77:7a:1b:f0:9e:5b:aa:14:8f:2c:cf:bf:c7:
         75:ff:ee:aa:66:86:28:3f:ba:ed:3a:2c:e9:e6:82:09:cd:e2:
         10:b8:84:d1:14:4e:f0:9b:c6:61:d7:6f:30:92:f6:1f:ae:d1:
         d5:1b:41:7f:c8:7b:e0:15:f6:86:b2:1f:9d:1e:4a:a9:50:cc:
         d5:6a:43:46:be:fb:90:6e:d2:3b:c2:cc:0b:0f:41:b4:e3:40:
         cb:f0:31:5c:ab:e7:17:c0:90:d2:30:81:cd:f1:e4:4a:76:9a:
         a3:b0:bf:b8:f3:ee:9f:62:d5:77:33:34:53:8b:25:7b:9e:fb:
         20:c8:42:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYevrrdwhNwfvfvhrDCgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjYwNDE3MDMwMDI0WhcNMjYwNDE4MDMwMDI0WjAzMTEwLwYDVQQD
EyhhMjk5ZTY1YTQ2Njc4MGEyOWY4NWFhOGUxYzQxMTFhZTVjOGQ3Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyjKtPRe4dlQcMoilBjo6C4OiAqF
vECgnkvjQpBqkYyykcFi0D08SKzByT6hIQC9icCvrFbwXrV8pi1p3gp7+zj+DNRA
WOyWXSqj2OKxYsIZFUBmca1G6PI25I/vJ8d3kyuIgDMsmTwHRQkLEIQVX4GoFOOl
0eHuwDV4TKcKWat7DjUhHKDHLWrlxqg3SRdTaStPynv9JtOzpcxRYiRKkwHfMPXv
EGoDpEP37Fs69D0zEc23Nb6eFPnVhcs1BTPjg28C8MRbvMlGVligMUetDQ3cea35
v56i+B1J3jQZQFKiPAdkQkfOyeCYuOgusDchKUt/WeIXI9x07dIUx/WU0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKZ5lpGZ4Cin4WqjhxBEa5cjXy/MB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABi4inbHB
/nxGvxGqn5ko/VXWVcHflLVxNYd/so1b2ylVdW4KwF9bkP5BL53yx8Oye0QTmuba
6N6pL2foHH8Fk9wF5nAyimWLb3JUNlN0n59oxnrKju7+19+4LXWcc9PbfCALTyxQ
CG0QSU09LEQtaVegHPItz1XVmFZsCzJ5aanGC8B3ehvwnluqFI8sz7/Hdf/uqmaG
KD+67Tos6eaCCc3iELiE0RRO8JvGYddvMJL2H67R1RtBf8h74BX2hrIfnR5KqVDM
1WpDRr77kG7SO8LMCw9BtONAy/AxXKvnF8CQ0jCBzfHkSnaao7C/uPPun2LVdzM0
U4sle577IMhC3A==
-----END CERTIFICATE-----